Systems and methods of a doorbell device initiating a state change of an access control device and/or a control panel responsive to two-factor authentication

ABSTRACT

Systems and methods of a doorbell device initiating a state change of an access control device and/or a control panel responsive to two-factor authentication are provided. Such systems and methods can include the doorbell device receiving first access credentials from a first device, determining whether the first access credentials are valid, and determining whether the first device has been authenticated with two factors by determining whether an indication of two-factor authentication of the first device has been received from the first device or by soliciting and validating second access credentials from a second device. When the first access credentials are valid and the first device has been authenticated with the two factors, the doorbell device can transmit a state change command to the access control device that controls access to a secured area associated with the doorbell device and/or the control panel that monitors the secured area.

FIELD

The present invention relates generally to security systems and accesscontrol systems. More particularly, the present invention relates tosystems and methods of a doorbell device initiating a state change of anaccess control device and/or a control panel responsive to two-factorauthentication.

BACKGROUND

Known security systems and access control systems can receive commandsand/or access credentials from a device. However, such systems do notauthenticate the device, the commands, and/or the access credentialswith two factors prior to taking some action responsive to the commandsand/or the access credentials.

In view of the above, there is a need and an opportunity for improvedsystems and methods.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a system in accordance with disclosedembodiments;

FIG. 2 is a flow diagram of a method in accordance with disclosedembodiments; and

FIG. 3 is a flow diagram of a method in accordance with disclosedembodiments.

DETAILED DESCRIPTION

While this invention is susceptible of an embodiment in many differentforms, specific embodiments thereof will be described herein in detailwith the understanding that the present disclosure is to be consideredas an exemplification of the principles of the invention. It is notintended to limit the invention to the specific illustrated embodiments.

Embodiments disclosed herein can include systems and methods of adoorbell device initiating a state change of an access control deviceand/or a control panel responsive to two-factor authentication. Forexample, the doorbell device can ensure that (1) access credentialsreceived from a first device, such as a mobile device, instructing thedoorbell device to initiate the state change are valid and (2) the firstdevice is proximate to (i.e. within a predetermined distance or atransmission range of) a second device, such as a keyfob or othertwo-factor authentication device, prior to initiating the state change.Such two-factor authentication can increase the likelihood that anauthorized user in possession of both the first device and the seconddevice is requesting the state change and not another person who mayhave stolen the first device, but is not in possession of the seconddevice.

In some embodiments, the doorbell device can determine that the firstdevice is proximate to the second device via communication with only thefirst device. However, in some embodiments, the doorbell device candetermine that the first device is proximate to the second device viacommunication with both the first device and the second device. In anyembodiment, the doorbell device can include a transceiver device fortransmitting signals to and receiving signals from the first device, thesecond device, the access control device, the control panel, and/or acloud server device and a programmable processor for executing themethods disclosed herein.

Various embodiments of the first device and the second device arecontemplated. For example, in some embodiments, the first device caninclude the mobile device, such as a smart phone, a tablet, a lowpowered remote control device, or another portable programmable device,and in some embodiments, the second device can include the two-factorauthentication device, such as the keyfob, a wireless dongle, wirelessheadphones, a smart watch, a wireless location beacon, another mobiledevice, or another low powered device that can connect to and/or pairwith the first device. Alternatively, in some embodiments, the firstdevice can include the two-factor authentication device, and the seconddevice can include the mobile device.

As explained above, in some embodiments, the doorbell device candetermine that the first device is proximate to the second device viacommunication with only the first device. In these embodiments, thedoorbell device can receive first access credentials from the firstdevice, determine whether the first access credentials are valid, anddetermine whether the doorbell device receives an indication oftwo-factor authentication of the first device from the first device. Theindication of two-factor authentication can confirm to the doorbelldevice that the first device is proximate to the second device, and insome embodiments, the doorbell device can receive the first accesscredentials and/or the indication of two-factor authentication from thefirst device responsive to the first device determining that the firstdevice is proximate to the second device. That is, in some embodiments,the first device will only transmit the first access credentials and/orthe indication of two-factor authentication to the doorbell device whenthe first device determines that the first device is proximate to thesecond device.

When the first access credentials are valid and the doorbell devicereceives the indication of two-factor authentication, the doorbelldevice can transmit a state change command to the access control device,such as a lock, that controls access to a secured area associated withthe doorbell device. For example, the state change command can instructthe access control device to change a state of the access control devicefrom locked to unlocked or from unlocked to locked.

In some embodiments, the doorbell device can be located proximate to thesecured area, for example, on an exterior of the secured area.Furthermore, in some embodiments, the doorbell device can include acamera device for monitoring the exterior of the secured area and/orreceiving information, such as the first access credentials, from thefirst device. Additionally or alternatively, in some embodiments, thedoorbell device can include a user interface, such as a button, that,when activated, can cause the doorbell device to notify an owner or anoccupant of the secured area about a presence of a person proximate tothe doorbell device, for example by emitting a sound or a tone withinthe secured area or transmitting an informational signal to a portabledevice associated with the owner.

In some embodiments, the doorbell device can transmit the state changecommand to the control panel in addition to or in lieu of transmittingthe state change command to the access control device. For example, thestate change command can instruct the control panel to change a state ofthe control panel from armed to disarmed or from disarmed to armed.Additionally or alternatively, in some embodiments, the doorbell devicecan identify a particular command to transmit to the control panel basedon the state of the access control device. For example, in someembodiments, the doorbell device can identify the state of the accesscontrol device and, when the state of the access control device isunlocked, transmit an arm command to the control panel. However, whenthe state of the access control device is locked, the doorbell devicecan transmit a disarm command to the control panel.

In some embodiments, the doorbell device can receive a communicationrequest from the first device before receiving the first accesscredentials from the first device. For example, responsive to receivingthe communication request, the doorbell device can transmit anacknowledgement signal to the first device and, responsive thereto,receive the first access credentials.

Various embodiments for how the first device determines whether thefirst device is proximate to the second device are contemplated. Forexample, in some embodiments, the first device can determine that thefirst device is proximate to the second device when the second device isboth paired with the first device and connected with the first device,for example, via a Bluetooth or other wireless connection. Additionallyor alternatively, in some embodiments, the first device can determinethat the first device is proximate to the second device when first GPScoordinates of the first device are within a predetermined range ofsecond GPS coordinates of the second device. Additionally oralternatively, in some embodiments, the first device can determine thatthe first device is proximate to the second device when the first deviceand the second device are connected to a same local wireless network.Additionally or alternatively, in some embodiments, the first device candetermine that the first device is proximate to the second device bytransmitting a test command to the second device via a low poweredwireless connection and, responsive thereto, receiving a responsemessage from the second device.

Various embodiments for when the first device determines whether thefirst device is proximate to the second device are also contemplated.For example, in some embodiments, the first device can determine whetherthe first device is proximate to the second device responsive toreceiving user input instructing the first device to transmit the firstaccess credentials to the doorbell device, for example, via a userinterface device of the first device, and prior to transmitting thefirst access credentials to the doorbell device. Additionally oralternatively, in some embodiments, the first device can determinewhether the first device is proximate to the second device responsive toreceiving the acknowledgement signal from the doorbell device and priorto transmitting the first access credentials to the doorbell device.Additionally or alternatively, in some embodiments, the first device canperiodically determine whether the first device is proximate to thesecond device and, responsive thereto, adjust a display of the userinterface device of the first device or what portions of the userinterface device of the first device can be activated or selected. Forexample, when the first device determines that the first device isproximate to the second device, the first device can enable the userinterface device of the first device to receive user input instructingthe first device to transmit the first access credentials to thedoorbell device, for example, by enabling or activating the display orportions of the user interface device of the first device. However, whenthe first device fails to determine that the first device is proximateto the second device, the first device can disable the user interfacedevice of the first device from receiving user input instructing thefirst device to transmit the first access credentials to the doorbelldevice, for example, by freezing, disabling, or deactivating the displayor portions of the user interface device of the first device.

In any embodiment, when the first device is proximate to the seconddevice, the indication of two-factor authentication that the doorbelldevice receives from the first device can include or be representativeof an authentication signal that the first device receives from thesecond device or another indicator confirming that the first device isproximate to the second device. In some embodiments, the doorbell devicecan receive both the first access credentials and the indication oftwo-factor authentication in a request to change the state of the accesscontrol device, and in these embodiments, the doorbell device candetermine whether one or more dedicated bits in the request include theindication of two-factor authentication.

As explained above, in some embodiments, the doorbell device candetermine that the first device is proximate to the second device viacommunication with both the first device and the second device. In theseembodiments, the doorbell device can receive the first accesscredentials from the first device, determine whether the first accesscredentials are valid, and when the first access credentials are valid,transmit a notification signal to the second device to solicit secondaccess credentials from the second device. In some embodiments, thedoorbell device can transmit the notification signal to the seconddevice via a low powered wireless connection to ensure that the seconddevice will receive the notification signal and respond thereto onlywhen located proximate to the doorbell device. However, in anyembodiment, responsive to receiving the second access credentials fromthe second device, the doorbell device can determine whether the secondaccess credentials are valid and, when the second access credentials arevalid, transmit the state change command to the access control deviceand/or the control panel.

As explained above, the doorbell device can transmit the notificationsignal to the second device to solicit the second access credentialsfrom the second device. In some embodiments, the second device can beconfigured to automatically transmit the second access credentials tothe doorbell device responsive to receiving the notification signal.Additionally or alternatively, in some embodiments, the notificationsignal can instruct the second device to solicit user input identifyingthe second access credentials, and/or the second device can beconfigured to solicit user input identifying the second accesscredentials responsive to receiving the notification signal.Additionally or alternatively, in some embodiments, the second accesscredentials can be pre-stored on the second device, and the notificationsignal can instruct the second device to solicit user input withinstructions to transmit the second access credentials, and/or thesecond device can be configured to solicit user input with instructionsto transmit the second access credentials responsive to receiving thenotification signal. In any embodiment, responsive to receiving userinput identifying the second access credentials or user input withinstructions to transmit the second access credentials, the seconddevice can transmit the second access credentials to the doorbelldevice.

In some embodiments, when the doorbell device determines that the firstaccess credentials received from the first device are valid, but failsto receive the indication of two-factor authentication from the firstdevice or the second access credentials from the second device, thedoorbell device can initiate a security action. In some embodiments, thesecurity action can include the doorbell device transmitting a warningsignal to a mobile device that is different than the first device or thesecond device or to the control panel, either of which, under certainconditions or responsive to user input, can authorize the doorbelldevice to transmit the state change command to the access control deviceor the control panel despite a lack of two-factor authentication.Additionally or alternatively, in some embodiments, the security actioncan include the doorbell device transmitting an alarm signal to thecontrol panel or transmitting a locking signal to the first device, forexample, when the doorbell device receives the first access credentialsfrom the first device a predetermined number of times within apredetermined time period without also receiving the indication oftwo-factor authentication from the first device or the second accesscredentials from the second device within the predetermined period oftime.

FIG. 1 is a block diagram of a system 20 in accordance with disclosedembodiments. As seen in FIG. 1, the system 20 can include a first device22, a second device 24, a doorbell device 26 associated with a region R,an access control device 28 that controls access to the region R, and acontrol panel 30 that monitors the region R. In some embodiments, thesystem 20 can also include a cloud server device 32 that communicateswith the doorbell device 26 and/or the other devices in the system 20via a network N, such as the internet. As seen in FIG. 1, the doorbelldevice 26 can include a transceiver device 34 and a programmableprocessor 36, and in some embodiments, the transceiver device 34 caninclude one or more communication modules for communicating with thefirst device 22, the second device 24, the access control device 28, thecontrol panel 30 and/or the cloud server device 32 via any knownwireless or wired communication medium (e.g. Wi-Fi, cellular, Bluetooth,cable, phone line, Ethernet, fiber, etc.).

FIG. 2 is a flow diagram of a method 100 in accordance with disclosedembodiments. As seen in FIG. 2, the method 100 can include thetransceiver device 34 receiving first access credentials from the firstdevice 22, as in 102. Then, the method 100 can include the programmableprocessor 36 determining whether the first access credentials are valid,as in 104. When the first access credentials are invalid, the method 100can include taking no action, as in 106, or, in some embodiments,initiating a security action as described herein.

However, when the first access credentials are valid, the method 100 caninclude the programmable processor 36 determining whether the doorbelldevice 26 has received an indication of two-factor authentication of thefirst device 22 from the first device 22, as in 108. If not, then themethod 100 can continue determining whether the indication of two-factorauthentication has been received, as in 108. However, when theindication of two-factor authentication has been received, the method100 can include the transceiver device 34 transmitting a state changecommand to the access control device 28 and/or the control panel 30, asin 110.

FIG. 3 is a flow diagram of a method 200 in accordance with disclosedembodiments. As seen in FIG. 3, the method 200 can include thetransceiver device 34 receiving first access credentials from the firstdevice 22, as in 202. Then, the method 200 can include the programmableprocessor 36 determining whether the first access credentials are valid,as in 204. When the first access credentials are invalid, the method 200can include taking no action, as in 206, or, in some embodiments,initiating a security action as described herein.

However, when the first access credentials are valid, the method 200 caninclude the transceiver device 34 transmitting a notification signal tothe second device 24, as in 208, and responsive thereto, receivingsecond access credentials from the second device 24, as in 210. Then,the method 200 can include the programmable processor 36 determiningwhether the second access credentials are valid, as in 212. When thesecond access credentials are invalid, the method 200 can include takingno action, as in 214, or, in some embodiments, initiating the securityaction as described herein. However, when the second access credentialsare valid, the method 200 can include the transceiver device 34transmitting a state change command to the access control device 28and/or the control panel 30, as in 216.

Various embodiments for transmitting the first access credentials andthe second access credentials are contemplated. For example, in someembodiments, the first device 22 can transmit the first accesscredentials directly to doorbell device 26 and/or the second device 24can transmit the second access credentials directly to the doorbelldevice 26 via any known communication medium, including, but not limitedto Bluetooth, radio frequency ID, near field communication, WiFi, andcellular, or via a visual display of coded information, such as a QRcode or a barcode, that is captured by a camera of the doorbell device26. Additionally or alternatively, in some embodiments, the first device22 can transmit the first access credentials indirectly to doorbelldevice 26 and/or the second device 24 can transmit the second accesscredentials indirectly to the doorbell device 26 via an intermediarydevice, such as the cloud server device 32 or the control panel 30.

Various embodiments for determining whether the first access credentialsand/or the second access credentials are valid are also contemplated.For example, in some embodiments, the programmable processor 36 candetermine whether the first access credentials and/or the second accesscredentials are valid. Additionally or alternatively, in someembodiments, the doorbell device 26 can communicate with one or both ofthe control panel 30 and the cloud server device 32 to determine whetherthe first access credentials and/or the second access credentials arevalid. It is to be understood that determining whether any accesscredentials are valid as described herein can include determiningwhether those access credentials are associated with the doorbell device26, the access control device 28, the control panel 30, the region R,and/or an authorized user associated with the doorbell device 26, theaccess control device 28, the control panel 30, or the region R.

Finally, various embodiments for transmitting the state change commandto the access control device 28 and/or the control panel 30 arecontemplated. For example, in some embodiments, the doorbell device 26can transmit the state change command directly to the access controldevice 28 and/or the control panel 30. Additionally or alternatively, insome embodiments, the doorbell device 26 can transmit the state changecommand to the access control device 28 via an intermediary device, suchas the cloud server device 32 or the control panel 30, or can transmitthe state change command to the control panel 30 via an intermediarydevice, such as the cloud server device 32.

Although a few embodiments have been described in detail above, othermodifications are possible. For example, the logic flows described abovedo not require the particular order described or sequential order toachieve desirable results. Other steps may be provided, steps may beeliminated from the described flows, and other components may be addedto or removed from the described systems. Other embodiments may bewithin the scope of the invention.

From the foregoing, it will be observed that numerous variations andmodifications may be effected without departing from the spirit andscope of the invention. It is to be understood that no limitation withrespect to the specific system or method described herein is intended orshould be inferred. It is, of course, intended to cover all suchmodifications as fall within the spirit and scope of the invention.

What is claimed is:
 1. A method comprising: receiving access credentialsat a doorbell device from a mobile device; determining whether theaccess credentials are valid at t doorbell device; determining whetherthe doorbell device receives an indication of a two-factorauthentication of the mobile device from the mobile device, wherein theindication of the two-factor authentication of the mobile deviceconfirms to the doorbell device that the mobile device has communicatedwith a two-factor authentication device to execute the two-factorauthentication of the mobile device without the doorbell devicecommunicating directly with the two-factor authentication device; andwhen the access credentials are valid and the doorbell device receivesthe indication of the two-factor authentication of the mobile devicefrom the mobile device, transmitting a state change command from thedoorbell device to an access control device that controls access to asecured area associated with the doorbell device.
 2. The method of claim1 further comprising: determining a state of the access control device;when the access credentials are valid, the doorbell device receives theindication of the two-factor authentication of the mobile device fromthe mobile device, and the state of the access control device isunlocked, transmitting an arm command from the doorbell device to acontrol panel that monitors the secured area; and when the accesscredentials are valid, the doorbell device receives the indication ofthe two-factor authentication of the mobile device from the mobiledevice, and the state of the access control device is locked,transmitting a disarm command from the doorbell device to the controlpanel.
 3. The method of claim 1 further comprising: receiving acommunication request at the doorbell device from the mobile device;responsive to receiving the communication request, transmitting anacknowledgment signal from the doorbell device to the mobile device; andresponsive to the acknowledgment signal, receiving the accesscredentials at the doorbell device.
 4. The method of claim 1 wherein theindication of the two-factor authentication of the mobile deviceconfirms to the doorbell device that the mobile device is proximate tothe two-factor authentication device.
 5. The method of claim 1, whereinthe indication of the two-factor authentication of the mobile deviceconfirms to the doorbell device that the two-factor authenticationdevice is both paired with the mobile device and connected with themobile device.
 6. The method of claim 1 wherein the indication of thetwo-factor authentication of the mobile device confirms to the doorbelldevice that first GPS coordinates of the mobile device are within apredetermined range of second GPS coordinates of the two-factorauthentication device.
 7. The method of claim 1 further comprising:receiving both the access credentials and the indication of thetwo-factor authentication of the mobile device at the doorbell device ina request to change a state of the access control device.
 8. The methodof claim 7 further comprising: determining whether one or more dedicatedbits of the request include the indication of the two-factorauthentication of the mobile device.
 9. A doorbell device comprising: atransceiver device; and a programmable processor, wherein thetransceiver device receives access credentials from a first device,wherein the programmable processor determines whether the accesscredentials are valid, wherein the programmable processor determineswhether the transceiver device has received an indication of atwo-factor authentication of the first device from the first device,wherein the indication of the two-factor authentication of the firstdevice confirms to the programmable processor that the first device hascommunicated with a second device to execute the two-factorauthentication of the first device without the transceiver devicecommunicating directly with the second device, and wherein, when theaccess credentials are valid and the transceiver device has received theindication of the two-factor authentication of the first device from thefirst device, the transceiver device transmits a state change command toan access control device that controls access to a secured areaassociated with the doorbell device.
 10. The doorbell device of claim 9wherein the transceiver device receives a communication request from thefirst device, transmits an acknowledgement signal to the first deviceresponsive to receiving the communication request, and receives theaccess credentials responsive to the acknowledgement signal.
 11. Thedoorbell device of claim 9 wherein the transceiver device receives boththe access credentials and the indication of the two-factorauthentication of the first device in a request to change a state of theaccess control device.
 12. The doorbell device of claim 11 wherein theprogrammable processor determines whether one or more dedicated bits ofthe request include the indication of the two-factor authentication ofthe first device.
 13. The doorbell device of claim 9 wherein theindication of the two-factor authentication of the first device confirmsto the programmable processor that the first device is proximate to thesecond device.
 14. The doorbell device of claim 9 wherein theprogrammable processor determines a state of the access control device,wherein, when the access credentials are valid, the transceiver devicereceives the indication of the two-factor authentication of the firstdevice from the first device, and the state of the access control deviceis, unlocked, the transceiver device transmits an arm command to acontrol panel that monitors the secured area, and wherein, when theaccess credentials are valid, the transceiver device receives theindication of die two-factor authentication of the first device from thefirst device, and the state of the access control device is locked, thetransceiver device transmits a disarm command to the control panel. 15.The doorbell device of claim 9 wherein the indication of the two-factorauthentication of the first device confirms to the programmableprocessor that the second device is both paired with the first deviceand connected with the first device.
 16. The doorbell device of claim 9wherein the indication of the two-factor authentication of the firstdevice confirms to the programmable processor that first GPS coordinatesof the first device are within a predetermined range of second GPScoordinates of the second device.
 17. A method comprising: receivingaccess credentials at a doorbell device from a mobile device;determining whether the access credentials are valid at the doorbelldevice; determining whether the doorbell device receives an indicationof a two-factor authentication of the mobile device from the mobiledevice, wherein the indication of the two-factor authentication of themobile device confirms to the doorbell device that the mobile device hasconfirmed that the mobile device is proximate to a two-factorauthentication device without the doorbell device communicating directlywith the two-factor authentication device; and when the accesscredentials are valid and the doorbell device receives the indication ofthe two-factor authentication of the mobile device, transmitting a statechange command from the doorbell device to an access control device thatcontrols access to a secured area associated with the doorbell device.18. The method of claim 17 wherein the indication of the two-factorauthentication of the mobile device confirms to the doorbell device thatthe mobile device has communicated with the two-factor authenticationdevice to confirm that the mobile device is proximate to the two-factorauthentication device.
 19. The method of claim 17 wherein the indicationof the two-factor authentication of the mobile device confirms to thedoorbell device that the mobile device has confirmed that the two-factorauthentication device is both paired with the mobile device andconnected with the mobile device.
 20. The method of claim 17 wherein theindication of the two-factor authentication of the mobile deviceconfirms to the doorbell device that the mobile device has communicatedwith the two-factor authentication device to confirm that first GPScoordinates of the mobile device are within a predetermined range ofsecond GPS coordinates of the two-factor authentication device.